Speaking at the recent Canberra Cyber Hub working group, Dan Baker, Australian Cyber Security Centre’s (ACSC) Assistant Director-General of Trust & Insurance, spoke on the Australian Signals Directorate's (ASD) mission of generating signals intelligence, cyber security, and offensive cyber operations, as well as the importance of organisations reporting all cyber incidents to the Australian Cyber Security Centre to help build a national threat picture that will support all Australians.
The best cyber defence is informed by the best intelligence
“When you see an ASD Cybersecurity Advisory, you know it is grounded in, or supported by, some of the best intelligence on the planet,” ASD Executive Dan Baker told Canberra Cyber Hub working group members.
Speaking at the recent gathering Dan Baker talked about ASD’s mission of generating signals intelligence, cyber security, and offensive cyber operations, as well as the importance of organisations reporting all cyber incidents to the Australian Cyber Security Centre to help build a national threat picture that will support all Australians. The ACSC – part of ASD – has the remit to provide cyber security advice and assistance to governments, businesses and individuals.
This year is ASD’s 75th Anniversary, which means their intelligence is derived from the Five Eyes alliance going back 75 years, with origins in WWII.
“We are always at the cutting-edge of technology, with people who are the experts in their fields,” said Dan. “This enables us to provide early warning for Australia.”
Threats in cyber space have never been larger than right now. In the 2020-21 financial year the ACSC recorded a cyber security incident reported every 8 minutes – totalling over 67,500 cybercrime reports. 25 per cent of all incidents reported came from critical infrastructure providers or essential services in Australia, such as education, health, communications, electricity and water.
“That is unlikely to change this year. The current pandemic has increased our reliance on digital services and we are online now more than ever,” said Dan.
“Not a day passes when we don’t see reports of state actors probing and trying to breach Australian networks and our defences.
“With new technologies increasing year-on-year, including AI and smart cities and smart grids, there is a wider attack surface for cyber actors.”
The largest proportion of reported incidents came from federal, state and local governments. Cyber actors exploited vulnerabilities in widely-used software, through cyberattacks against CI providers and supply chains.
ASD’s ACSC has seen actors targeting VPNs, webmail infrastructure and mail servers (O365, Microsoft Exchange), as well as Australian individuals through spear phishing.
Cybercriminals are preying on Australians, said Dan, warning all working group members that “ransomware and Business Email Compromise are particularly concerning for business owners – in fact, they could be crippling.”
“You can buy ransomware and malicious access to networks on the dark web, you don’t have to be technical expert to do it.”
So how do you counter these actors? Dan says it’s through partnerships and awareness.
“We need complementary relationships. Government cannot see everything, nor can organisations expect to deal with threats alone. And in the cyber domain, cooperation counts. Closer collaboration can be our secret weapon in confronting bad cyber actors.”
The ACSC Partnership Program allows organisations to access technical expertise, intelligence and insights, and build cyber collaboration nationwide.
“ACSC develops various initiaives and tools to support Australian businesses,” says Dan.
Access the Small Business Cyber Security Guide and other step-by-step guides to help secure the most common applications and systems at cyber.gov.au.
“Apart from the obvious, cyber attacks can also damage reputations of both businesses and customers and impact operations” said Dan.
“The best-prepared organisations have robust disaster recovery plans.”
A plan should include operational contingencies, should some or all systems go offline and regular testing of backups. Implementing the Essential Eight is one of the best cyber mitigations. Based on the ACSC’s experience in producing cyber threat intelligence, conducting penetration testing and assisting organisations, the Essential Eight is proven to help organisations minimise cyber risk.
“Report, Report, Report,” said Dan “if you experience a cyber incident, please report it to us through ReportCyber at cyber.gov.au, or by calling 1300CYBER1, night or day. We’re here to help, always.”
The ACSC has the products, tools and services to provide advice and assistance to businesses on how best to manage their cyber security risks available at cyber.gov.au.
